Cybercrime: Top games for 10 euros

The trade in stolen game keys and digital credits is booming.

08/12/2014 | Bochum 

According to the Federal Association of Interactive Entertainment Software (Bundesverband Interaktive Unterhaltungssoftware; BIU), 29.3 million Germans play computer games, 37 percent of whom are gamers aged 40 and over. Gaming has long been a leisure time occupation for all the family, with increasing turnover statistics. In the first half of 2014, the turnover in digital games in Germany was 798 million Euros (Source: BIU). The business and the gamers are popular targets for cyber criminals. The perpetrators use computer malware, phishing emails or bogus offers of digital game keys or credits for online platforms to attempt to lure gamers into traps. Registration keys for bestsellers such as Battlefield 4 or Titanfall can be obtained in underground forums for 10 euros. The keys are purchased by fraudsters using stolen credit card data and sold on. In the run-up to Gamescom in Cologne, G DATA has been taking a look around the underground scene and offers tips on how gamers can use the net more securely.

"Stealing and trading in user accounts for online games is a very lucrative business for cyber criminals," explains Ralf Benzmüller, head of G DATA SecurityLabs. "Cyber criminals develop malware or set up well-planned and well-implemented phishing methods to steal user accounts. For performance reasons, gamers often disable their antivirus software and so walk right into the malware trap." Modern security solutions such as G DATA Internet Security or Total Protection are tailored to the needs of gamers. "Disabling the antivirus solution is not necessary with G DATA security software. Gamers should therefore leave their security solution permanently switched on," advises Benzmüller.


Data theft via phishing

Phishing attacks do not just take place in online banking. Gamers have long been in the sights of data thieves, who try to lure them onto fake websites using spam email.

Cyber criminals try to extract user data for gaming platforms such as Steam and Origin from gamers on well-copied websites. Such sites can often only be revealed as fake from the URL.

Fake Steam websites: There is no difference at first glance – the fake can be seen on the left, the original on the right.

The tip from the expert: Website addresses should always be entered in the browser manually. Always look carefully at links to update pages and study the entire address line.


Trade in illegally purchased game keys and credits

The perpetrators use stolen data, which is obtained by phishing or using so-called keyloggers, to purchase game keys or credits for online platforms such as Steam.

Currently much sought after in underground forums are game keys for current bestsellers and top hits such as Call of Duty, Battlefield 4, Watch Dogs, Diablo 3: Reaper of Souls or Titanfall. A key for Battlefield 4 Premium Edition can be obtained for 10 euros – it usually costs about four times as much. However, by doing so gamers risk losing their user account if the key is redeemed on platforms such as Steam or Origin.

Also still popular is the trade in illegally purchased digital credits for Steam, Xbox Live, PlayStation Network, iTunes and other web platforms. These are sold for a fraction of the original value. Steam credits with a value of 100 euros are traded in underground forums for 20 euros.


How online gamers can protect themselves

  • Caution with unofficial patches: Only install official updates from games manufacturers. A supposed update from third party providers can quickly turn out to be computer malware.
  • Delete suspicious emails: Already taking a look at forthcoming hit games? Cyber criminals know what games gamers are eagerly awaiting as well. Spam email from unknown senders or with tempting content should be deleted immediately. File attachments or links should never be clicked on.
  • Enter URLs manually: Internet users should never click on links in emails. Ideally Internet addresses for websites you want to visit should be entered manually in the browser address line.
  • Use a security solution: Gamers are more secure online when they have a powerful, comprehensive security solution installed on the PC. Besides protection against malware, phishing and spam email, this should provide real-time protection while surfing. The security solution should be permanently activated – even during gaming.
  • Keep software up-to-date: Use updates to ensure that your operating system and installed software are always fully up-to-date. This prevents attackers from exploiting known security holes.
  • Use strong passwords: Combinations of upper and lower case letters plus numbers are significantly more secure. A secure password consists of at least eight characters.
  • Use genuine online traders: Gamers should only buy digital enhancements, credits or game keys in official online gaming markets. In such cases use of a credit card or payment service provider with buyer protection is recommended.





OnlineGaming_Safety: G DATA provides helpful tipps for gamers, so the game remains fun.